SlideShare uma empresa Scribd logo

Charan Resume

Transferir como DOCX, PDF
C
Charan Mukkamala
1 de 4
Red Hills Hyderabad-500004 +91-9885288664 charan.cool92@gmail.com SAI CHARAN MUKKAMALA OBJECTIVE To resideinto the latestworld of technology as a person who caress it,loves it, tests itand importantly secures it.Ready to move with a group of security experts or as an individual security engineer to make the world secure. WORK HISTORY INFORMATION SECURITY ANALYST, ENTERSOFT INFORMATION SYSTEMS, HYDERABAD, AP 08th Jul 2013 – TILL DATE FULL TIME SECURITY RESEARCHER, SYNACK RED TEAM, REDWOOD CITY, USA. 15th Jan 2015 – TILL DATE INDEPENDENT SECURITY RESEARCHER, HACKERONE, SAN FRANCISCO, CALIFORNIA, USA. 10th Oct 2013 – TILL DATE INDEPENDENT SECURITY RESEARCHER, BUGCROWD INC, SAN FRANCISCO, CALIFORNIA, USA. 10th Oct2013 – TILL DATE WORK EXPERIENCE INFORMATION SECURITY ANALYST, ENTERSOFT INFROMATION SYSTEMS, HYDERABAD, AP. 08thJuly 2013 – TILL DATE As I grown up with computers, itdeveloped deep interestin the fields of computers, networks and I spend a lot of time searchinganswers for theunknown and making way to get evolve myself as a Security Professional. When I kick started my career with Entersoft in 2013 I got a zeal to learn,to implement a lotof new things and the best way I found is to implement whatever you learntthrough a trial and error mechanism with all thepossiblescenarios. There are so many methods out there availablefor conductinga penetration test againstthe target application or networks, but developing own methodology is the crucial partone would come across in thesecurity domain.I builtmy own methodology for all kinds of penetration tests whether the target might be a web application or a wireless network. With core in depth knowledge in security domain I can perform the following 1. Web Application Penetration Testing a. Web Server Auditing b. DatabaseServer Auditing c. Application SourceCode Review d. Core Business Logic Testing 2. MobileApplication Penetration Testing
a. IOS mobile application penetration testing b. Android mobile application penetration testing 3. Network Penetration Testing a. Discoveringall thedevices over the network b. Enumerating all the applicationsinstalled and services runningon all thedevices. c. Followingown potential methods to find vulnerabilities in all theapplications, operatingsystem kernels and services runningin the target machines. d. If vulnerable,I will be implementing the post exploitation process to makesure how severe the vulnerability is? and whatcan be exploited further? e. Implementing fix for all the vulnerabilities found across thetarget. Knowledge Transfer sessionsatEntersoftplayed a prominent rolein developing my knowledge where developers and security experts sitback,relax and talks to each other regardingthe current market of Information Security likenews regardingthe latestdevelopments, technology trends, attacks,etc. I got habituated to researchingnew things in the internet and through which I gained a lot of information regardingthelatestsecurity threats, exploitingknown vulnerabilities,etc. As partof my client’s projectme alongwith another 2 colleagues atEntersoft developed a network security tool EnShield. The tool EnShield is capableof 1. Scanningthe whole network over the organization and collects all theinformation regardingthe computers being used. The tool collects information regarding theip address,hostname, services,banners and versions of runningservices,open ports, operatingsystem, etc. 2. The soleadmin of EnShield can control each and every system connected over the LAN/WLAN. 3. The admin can block a particular servicefor a particular systemata particulartime. 4. Redirects the whole network through an additional secondary network in caseif the firewall detects an intruder insidethe organization. PROFESSIONAL ACHIEVEMENTS OFFENSIVE SECURITY CERTIFIED PROFESSIONAL (OSCP) I have completed OSCP which is one of the best certificationsfor the professionalswith information security as the main background. SECURITY RESEARCHER I have participated in many more privateweb application bugbounty programs and received several rewards,swags and recognized as a white hat hackers on their whilehat list.
HALL OF FAME FOR REPORTING VULNERABILITIES IN THE BELOW WEB APPLICATIONS. 1. AT&T 2. Western Union (2 flaws) 3. Humble Bundle (2 flaws) 4. StopTheHacker (2 flaws) 5. METRO Group (2 flaws) 6. Openfolio (2 flaws) 7. Bugcrowd (2 flaws) 8. Peerlyst (2 flaws) 9. Indeed (3 flaws) 10. oDesk (2 flaws) 11. ExpressionEngine(2 flaws) 12. ANCILE SOLUTIONS 13. CrowdCurity 14. BlockChain 15. Facebook 16. Volusion 17. Heroku 18. Aptible 19. Twilio 20. Medium 21. WHMCS 22. Tagged 23. Square 24. Block.io 25. ZenCash 26. CodePen 27. Todoist 28. Sellfy 29. Ello 30. Fluxiom 31. doorkeeperhq 32. SoundCloud 33. Librato 34. getdpd 35. viadeo 36. Gliph SKILLS I have a brief idea about all the architectures of all theoperatingsystems. I got good knowledge in interactingwith all theOS’s. I am thorough enough to communicate with all kinds of servers,routers, switches,proxies,VPN’s. I can implement changes to or I can design and develop new proxies,proxy configurations,proxy rules,firewalls,firewall configurations,firewall rules. I am good atimplementing network connections between servers for better communication. I got good experience in usingall of the automated tools out there for conductingpenetration testing over a network, web applicationsor a mobile application. I got good reporting skills which makes the fixingprocess faster and reliable.
EDUCATION BACHELOR IN COMPUTER SCIENCE, JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY, KAKINADA. [2009-2013] I have completed my bachelor degree in Computer Science Engineering with aggregate of 65.84% alongwith special interestin the followingsubjects. 1. ObjectiveC and Data Structures(C&DS) 2. Advanced Data Structures(ADS) 3. Principles of ProgrammingLanguages(PPL) 4. DatabaseManagement Systems(DBMS) 5. Software TestingMethodologies(STM) 6. Computer Organization(CO) 7. Computer Networks(CN) 8. Computer Graphics(CG) 9. Compiler Design(CD) 10. Object Oriented Analysis& Design(OOAD) Presented papers on the followingtopics: 1. Cloud Computing and Security 2. Information Security and Ethical Hacking 3. Social Engineering - How to get protected from Black Hat Hackers SSC, BHASHYAM PUBLIC SCHOOL, GUNTUR. [2005-2007] I have completed my SSC with state syllabusand achieved aggregateof 79.86% with special interest in the followingsubjects. 1. General Physics 2. Biology 3. Social Studies REFERENCES SRI CHAKRADHAR K CIO,Entersoft Information Systems Pvt Ltd. +91-9502003777

Recomendados

Machine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedMachine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedCyphort
 
Cybersecurity 101 for Ophthalmology & Physician Practices
Cybersecurity 101 for Ophthalmology & Physician PracticesCybersecurity 101 for Ophthalmology & Physician Practices
Cybersecurity 101 for Ophthalmology & Physician PracticesRavi D. Goel, MD
 
Preparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookPreparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookNowSecure
 
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESETMITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESETMITRE - ATT&CKcon
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An OverviewDustin Collins
 
Malware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemMalware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemCyphort
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?Ramin Farajpour Cami
 
Guy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeGuy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeDevSecCon
 

Recomendados

Machine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedMachine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedCyphort
 
Cybersecurity 101 for Ophthalmology & Physician Practices
Cybersecurity 101 for Ophthalmology & Physician PracticesCybersecurity 101 for Ophthalmology & Physician Practices
Cybersecurity 101 for Ophthalmology & Physician PracticesRavi D. Goel, MD
 
Preparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookPreparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookNowSecure
 
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESETMITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESETMITRE - ATT&CKcon
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An OverviewDustin Collins
 
Malware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemMalware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemCyphort
 
How to assign a CVE to yourself?
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?Ramin Farajpour Cami
 
Guy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeGuy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeDevSecCon
 
Fighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safeFighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safePrayukth K V
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNorth Texas Chapter of the ISSA
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsAmmar WK
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsNowSecure
 
Continuous Security - TCCC
Continuous Security - TCCCContinuous Security - TCCC
Continuous Security - TCCCWendy Istvanick
 
Security and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSecurity and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSithira Pathirana
 
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCyphort
 
Honeypot
HoneypotHoneypot
HoneypotSyeda Khadizatul maria
 
It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016NowSecure
 
Global CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskGlobal CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskEC-Council
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingKeith Brooks
 
Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction Jonathan Cran
 
Malware self protection-matrix
Malware self protection-matrixMalware self protection-matrix
Malware self protection-matrixCyphort
 
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016grecsl
 
Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea, Inc.
 
IPv6 Security - Where is the Challenge
IPv6 Security - Where is the ChallengeIPv6 Security - Where is the Challenge
IPv6 Security - Where is the ChallengeRIPE NCC
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsCybereason
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 
ดนัย
ดนัยดนัย
ดนัยnongm12554
 
Resume
ResumeResume
ResumeCarol Chen
 

Mais conteúdo relacionado

Mais procurados

Fighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safeFighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safePrayukth K V
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNorth Texas Chapter of the ISSA
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsAmmar WK
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsNowSecure
 
Continuous Security - TCCC
Continuous Security - TCCCContinuous Security - TCCC
Continuous Security - TCCCWendy Istvanick
 
Security and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSecurity and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSithira Pathirana
 
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCyphort
 
It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016NowSecure
 
Global CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskGlobal CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskEC-Council
 
Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction Jonathan Cran
 
Malware self protection-matrix
Malware self protection-matrixMalware self protection-matrix
Malware self protection-matrixCyphort
 
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016grecsl
 
Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea, Inc.
 
IPv6 Security - Where is the Challenge
IPv6 Security - Where is the ChallengeIPv6 Security - Where is the Challenge
IPv6 Security - Where is the ChallengeRIPE NCC
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsCybereason
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 

Mais procurados (20)

Fighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safeFighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safe
 
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't EnoughNTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
NTXISSACSC4 - Artifacts Are for Archaeologists: Why Hunting Malware Isn't Enough
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web Applications
 
How to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’tsHow to make Android apps secure: dos and don’ts
How to make Android apps secure: dos and don’ts
 
Continuous Security - TCCC
Continuous Security - TCCCContinuous Security - TCCC
Continuous Security - TCCC
 
Security and ethical hacking initiative first session
Security and ethical hacking initiative first sessionSecurity and ethical hacking initiative first session
Security and ethical hacking initiative first session
 
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
 
Honeypot
HoneypotHoneypot
Honeypot
 
It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016
 
Global CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskGlobal CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
Global CISO Forum 2017: How To Measure Anything In Cybersecurity Risk
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction Effective Prioritization Through Exploit Prediction
Effective Prioritization Through Exploit Prediction
 
Malware self protection-matrix
Malware self protection-matrixMalware self protection-matrix
Malware self protection-matrix
 
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
 
Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014
 
IPv6 Security - Where is the Challenge
IPv6 Security - Where is the ChallengeIPv6 Security - Where is the Challenge
IPv6 Security - Where is the Challenge
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the Basics
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chain
 

Destaque

PrestaShop Products On CMS Module
PrestaShop Products On CMS ModulePrestaShop Products On CMS Module
PrestaShop Products On CMS ModuleAllan Parker
 
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...Evita Lopez Alvarez
 
Csr presentation
Csr presentation Csr presentation
Csr presentation Evelyn Hsu
 
Portfolio Ilham Chaeradipura
Portfolio Ilham ChaeradipuraPortfolio Ilham Chaeradipura
Portfolio Ilham Chaeradipurachaeradipuras
 
Lean data modeling the art of mitigating risk for changing requirements 201607
Lean data modeling the art of mitigating risk for changing requirements 201607Lean data modeling the art of mitigating risk for changing requirements 201607
Lean data modeling the art of mitigating risk for changing requirements 201607Paul Delgman
 
сокальщина гра
сокальщина грасокальщина гра
сокальщина граOlgaVladychko
 
кредо життя і творчості А. Покотюка
кредо життя і творчості А. Покотюкакредо життя і творчості А. Покотюка
кредо життя і творчості А. ПокотюкаOlgaVladychko
 
інтер’єр кімнати
інтер’єр кімнатиінтер’єр кімнати
інтер’єр кімнатиOlgaVladychko
 

Destaque (14)

ดนัย
ดนัยดนัย
ดนัย
 
Resume
ResumeResume
Resume
 
PrestaShop Products On CMS Module
PrestaShop Products On CMS ModulePrestaShop Products On CMS Module
PrestaShop Products On CMS Module
 
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...
Triptico: Calidad De Las Estrategias Comunicativas En La Relación Médico Paci...
 
Csr presentation
Csr presentation Csr presentation
Csr presentation
 
Bitacoras de tecnologia
Bitacoras de tecnologiaBitacoras de tecnologia
Bitacoras de tecnologia
 
Portfolio Ilham Chaeradipura
Portfolio Ilham ChaeradipuraPortfolio Ilham Chaeradipura
Portfolio Ilham Chaeradipura
 
Lean data modeling the art of mitigating risk for changing requirements 201607
Lean data modeling the art of mitigating risk for changing requirements 201607Lean data modeling the art of mitigating risk for changing requirements 201607
Lean data modeling the art of mitigating risk for changing requirements 201607
 
Hiretual101
Hiretual101Hiretual101
Hiretual101
 
Globalizacion
GlobalizacionGlobalizacion
Globalizacion
 
Кадровый резерв
Кадровый резервКадровый резерв
Кадровый резерв
 
сокальщина гра
сокальщина грасокальщина гра
сокальщина гра
 
кредо життя і творчості А. Покотюка
кредо життя і творчості А. Покотюкакредо життя і творчості А. Покотюка
кредо життя і творчості А. Покотюка
 
інтер’єр кімнати
інтер’єр кімнатиінтер’єр кімнати
інтер’єр кімнати
 

Semelhante a Charan Resume

Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3IJERA Editor
 
Making the case for sandbox v1.1 (SD Conference 2007)
Making the case for sandbox v1.1 (SD Conference 2007)Making the case for sandbox v1.1 (SD Conference 2007)
Making the case for sandbox v1.1 (SD Conference 2007)Dinis Cruz
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its typesRishab Gupta
 
RSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsRSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsDaniel Miessler
 
New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0Dinis Cruz
 
Malware analysis and detection using reverse Engineering, Available at: www....
Malware analysis and detection using reverse Engineering, Available at: www....Malware analysis and detection using reverse Engineering, Available at: www....
Malware analysis and detection using reverse Engineering, Available at: www....Research Publish Journals (Publisher)
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Selected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testingSelected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testingCSITiaesprime
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
101+ Cybersecurity Tools List And Beyond by westwp.com.pdf
101+ Cybersecurity Tools List And Beyond by westwp.com.pdf101+ Cybersecurity Tools List And Beyond by westwp.com.pdf
101+ Cybersecurity Tools List And Beyond by westwp.com.pdfWestwp
 
Panda Security2008
Panda Security2008Panda Security2008
Panda Security2008tswong
 
Top 13 hacking software for beginners.pdf
Top 13 hacking software for beginners.pdfTop 13 hacking software for beginners.pdf
Top 13 hacking software for beginners.pdfDipak Tiwari
 
IRJET-Ethical Hacking
IRJET-Ethical HackingIRJET-Ethical Hacking
IRJET-Ethical HackingIRJET Journal
 
Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52Felipe Prado
 
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...Codemotion
 

Semelhante a Charan Resume (20)

Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
 
Making the case for sandbox v1.1 (SD Conference 2007)
Making the case for sandbox v1.1 (SD Conference 2007)Making the case for sandbox v1.1 (SD Conference 2007)
Making the case for sandbox v1.1 (SD Conference 2007)
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its types
 
Ethical hacking.
Ethical hacking.Ethical hacking.
Ethical hacking.
 
Super1
Super1Super1
Super1
 
RSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of ThingsRSA2015: Securing the Internet of Things
RSA2015: Securing the Internet of Things
 
New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0
 
Malware analysis and detection using reverse Engineering, Available at: www....
Malware analysis and detection using reverse Engineering, Available at: www....Malware analysis and detection using reverse Engineering, Available at: www....
Malware analysis and detection using reverse Engineering, Available at: www....
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Selected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testingSelected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testing
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Security
SecuritySecurity
Security
 
101+ Cybersecurity Tools List And Beyond by westwp.com.pdf
101+ Cybersecurity Tools List And Beyond by westwp.com.pdf101+ Cybersecurity Tools List And Beyond by westwp.com.pdf
101+ Cybersecurity Tools List And Beyond by westwp.com.pdf
 
Email hacker
Email hackerEmail hacker
Email hacker
 
Panda Security2008
Panda Security2008Panda Security2008
Panda Security2008
 
Top 13 hacking software for beginners.pdf
Top 13 hacking software for beginners.pdfTop 13 hacking software for beginners.pdf
Top 13 hacking software for beginners.pdf
 
IRJET-Ethical Hacking
IRJET-Ethical HackingIRJET-Ethical Hacking
IRJET-Ethical Hacking
 
Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52
 
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...
 
Phone hack
Phone hackPhone hack
Phone hack
 

Charan Resume

  • 1. Red Hills Hyderabad-500004 +91-9885288664 charan.cool92@gmail.com SAI CHARAN MUKKAMALA OBJECTIVE To resideinto the latestworld of technology as a person who caress it,loves it, tests itand importantly secures it.Ready to move with a group of security experts or as an individual security engineer to make the world secure. WORK HISTORY INFORMATION SECURITY ANALYST, ENTERSOFT INFORMATION SYSTEMS, HYDERABAD, AP 08th Jul 2013 – TILL DATE FULL TIME SECURITY RESEARCHER, SYNACK RED TEAM, REDWOOD CITY, USA. 15th Jan 2015 – TILL DATE INDEPENDENT SECURITY RESEARCHER, HACKERONE, SAN FRANCISCO, CALIFORNIA, USA. 10th Oct 2013 – TILL DATE INDEPENDENT SECURITY RESEARCHER, BUGCROWD INC, SAN FRANCISCO, CALIFORNIA, USA. 10th Oct2013 – TILL DATE WORK EXPERIENCE INFORMATION SECURITY ANALYST, ENTERSOFT INFROMATION SYSTEMS, HYDERABAD, AP. 08thJuly 2013 – TILL DATE As I grown up with computers, itdeveloped deep interestin the fields of computers, networks and I spend a lot of time searchinganswers for theunknown and making way to get evolve myself as a Security Professional. When I kick started my career with Entersoft in 2013 I got a zeal to learn,to implement a lotof new things and the best way I found is to implement whatever you learntthrough a trial and error mechanism with all thepossiblescenarios. There are so many methods out there availablefor conductinga penetration test againstthe target application or networks, but developing own methodology is the crucial partone would come across in thesecurity domain.I builtmy own methodology for all kinds of penetration tests whether the target might be a web application or a wireless network. With core in depth knowledge in security domain I can perform the following 1. Web Application Penetration Testing a. Web Server Auditing b. DatabaseServer Auditing c. Application SourceCode Review d. Core Business Logic Testing 2. MobileApplication Penetration Testing
  • 2. a. IOS mobile application penetration testing b. Android mobile application penetration testing 3. Network Penetration Testing a. Discoveringall thedevices over the network b. Enumerating all the applicationsinstalled and services runningon all thedevices. c. Followingown potential methods to find vulnerabilities in all theapplications, operatingsystem kernels and services runningin the target machines. d. If vulnerable,I will be implementing the post exploitation process to makesure how severe the vulnerability is? and whatcan be exploited further? e. Implementing fix for all the vulnerabilities found across thetarget. Knowledge Transfer sessionsatEntersoftplayed a prominent rolein developing my knowledge where developers and security experts sitback,relax and talks to each other regardingthe current market of Information Security likenews regardingthe latestdevelopments, technology trends, attacks,etc. I got habituated to researchingnew things in the internet and through which I gained a lot of information regardingthelatestsecurity threats, exploitingknown vulnerabilities,etc. As partof my client’s projectme alongwith another 2 colleagues atEntersoft developed a network security tool EnShield. The tool EnShield is capableof 1. Scanningthe whole network over the organization and collects all theinformation regardingthe computers being used. The tool collects information regarding theip address,hostname, services,banners and versions of runningservices,open ports, operatingsystem, etc. 2. The soleadmin of EnShield can control each and every system connected over the LAN/WLAN. 3. The admin can block a particular servicefor a particular systemata particulartime. 4. Redirects the whole network through an additional secondary network in caseif the firewall detects an intruder insidethe organization. PROFESSIONAL ACHIEVEMENTS OFFENSIVE SECURITY CERTIFIED PROFESSIONAL (OSCP) I have completed OSCP which is one of the best certificationsfor the professionalswith information security as the main background. SECURITY RESEARCHER I have participated in many more privateweb application bugbounty programs and received several rewards,swags and recognized as a white hat hackers on their whilehat list.
  • 3. HALL OF FAME FOR REPORTING VULNERABILITIES IN THE BELOW WEB APPLICATIONS. 1. AT&T 2. Western Union (2 flaws) 3. Humble Bundle (2 flaws) 4. StopTheHacker (2 flaws) 5. METRO Group (2 flaws) 6. Openfolio (2 flaws) 7. Bugcrowd (2 flaws) 8. Peerlyst (2 flaws) 9. Indeed (3 flaws) 10. oDesk (2 flaws) 11. ExpressionEngine(2 flaws) 12. ANCILE SOLUTIONS 13. CrowdCurity 14. BlockChain 15. Facebook 16. Volusion 17. Heroku 18. Aptible 19. Twilio 20. Medium 21. WHMCS 22. Tagged 23. Square 24. Block.io 25. ZenCash 26. CodePen 27. Todoist 28. Sellfy 29. Ello 30. Fluxiom 31. doorkeeperhq 32. SoundCloud 33. Librato 34. getdpd 35. viadeo 36. Gliph SKILLS I have a brief idea about all the architectures of all theoperatingsystems. I got good knowledge in interactingwith all theOS’s. I am thorough enough to communicate with all kinds of servers,routers, switches,proxies,VPN’s. I can implement changes to or I can design and develop new proxies,proxy configurations,proxy rules,firewalls,firewall configurations,firewall rules. I am good atimplementing network connections between servers for better communication. I got good experience in usingall of the automated tools out there for conductingpenetration testing over a network, web applicationsor a mobile application. I got good reporting skills which makes the fixingprocess faster and reliable.
  • 4. EDUCATION BACHELOR IN COMPUTER SCIENCE, JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY, KAKINADA. [2009-2013] I have completed my bachelor degree in Computer Science Engineering with aggregate of 65.84% alongwith special interestin the followingsubjects. 1. ObjectiveC and Data Structures(C&DS) 2. Advanced Data Structures(ADS) 3. Principles of ProgrammingLanguages(PPL) 4. DatabaseManagement Systems(DBMS) 5. Software TestingMethodologies(STM) 6. Computer Organization(CO) 7. Computer Networks(CN) 8. Computer Graphics(CG) 9. Compiler Design(CD) 10. Object Oriented Analysis& Design(OOAD) Presented papers on the followingtopics: 1. Cloud Computing and Security 2. Information Security and Ethical Hacking 3. Social Engineering - How to get protected from Black Hat Hackers SSC, BHASHYAM PUBLIC SCHOOL, GUNTUR. [2005-2007] I have completed my SSC with state syllabusand achieved aggregateof 79.86% with special interest in the followingsubjects. 1. General Physics 2. Biology 3. Social Studies REFERENCES SRI CHAKRADHAR K CIO,Entersoft Information Systems Pvt Ltd. +91-9502003777